International Space Station Infected With USB Stick Malware Carried on Board by Russian Astronauts

Renowned security expert Eugene Kaspersky reveals that the International Space Station was infected by a USB stick carried into space by a Russian astronaut.

The International Space Station was infected by malware held on a USB stick and carried by Russian astronauts (Reuters)

Russian security expert Eugene Kaspersky has also told journalists that the infamous Stuxnet had infected an unnamed Russian nuclear plant and that in terms of cyber-espionage "all the data is stolen globally... at least twice."

Kaspersky revealed that Russian astronauts carried a removable device into space which infected systems on the space station. He did not elaborate on the impact of the infection on operations of the International Space Station (ISS).

Kaspersky said he had been told that from time to time there were "virus epidemics" on the station.

Kaspersky doesn't give any details about when the infection he was told about took place, but it appears to have been prior to May of this year, when the United Space Alliance, the group which oversees the operation of the ISS, moved all systems entirely to Linux to make them more "stable and reliable."

Windows XP

Prior to this move the "dozens of laptops" used on board the space station had been using Windows XP, which is inherently more vulnerable to infection from malware than Linux.

According to Kaspersky the infections occurred on laptops used by scientists who used Windows as their main platform and carried USB sticks into space when visiting the ISS.

The ISS's control systems (known generally as SCADA systems) were already running various flavours of Linux prior to this switch for laptops last May.

According to a report on ExtremeTech, as far back as 2008 a Windows XP laptop infected with the W32.Gammima.AG worm was brought onto the ISS by a Russian astronaut. The worm quickly spread to other laptops on the station, all of which were running Windows XP.

Stuxnet

The Russian said this example shows that not being connected to the internet does not prevent you from being infected. In another example, Kaspersky revealed that an unnamed Russian nuclear facility, which is also cut off from the public internet, was infected with the infamous Stuxnet malware.

Founder of Kaspersky security company, Eugene Kaspersky, reveals the International Space Station was infected with malware carried on USB sticks. (Screengrab)

Quoting an employee of the plant, Kaspersky said:

"[The staffer said] their nuclear plant network which was disconnected from the internet ... was badly infected by Stuxnet. So unfortunately these people who were responsible for offensive technologies, they recognise cyber weapons as an opportunity."

Infamous

Stuxnet is one of the most infamous pieces of malware ever created, though it was never designed to come to the attention of the public.

Never officially confirmed by either government, the widely-held belief is that Stuxnet was created jointly by the US and Israeli governments to target and disable the Natanz nuclear enrichment facility in Iran, in a bid to disrupt the country's development of nuclear weapons.

The malware was introduced to the Natanz facility, which is also disconnected from the internet, through a USB stick and went on to force centrifuges to spin out of control and cause physical damage to the plant.

Stuxnet only became known to the public when an employee of the Natanz facility took an infected work laptop home and connected to the internet, with the malware quickly spreading around the globe infecting millions of PCs.

Expensive

Kaspersky told the Press Club that creating malware like Stuxnet, Gauss, Flame and Red October is a highly complex process which would cost up to $10 million to develop.

Speaking about cyber-crime, Kaspersky said that half of all criminal malware was written in Chinese, with a third written in Spanish or Portuguese. Kaspersky added that Russian-based malware was the next most prevalent threat, but that it was also the most sophisticated.

He also added that Chinese malware authors were not very interested in security, with some leaving social media accounts and personal photos on the servers hosting the malware.